Harmonization Over the Regulations of Electronic Medical Records and its Potential to be Abused

Abstract

The rapid development of information and communication technology has brought changes to the mechanism
for storing electronic medical records (EMR). EMR is very important to protect and provide comfort and
convenience for health services. However, it is very susceptible to be abused by hackers. This study aims
to harmonize amongst relevant laws on EMR and to identify the legal protection of EMR from abuse by
hackers. This research uses a normative research method to harmonize legal norms and regulations related
to EMR that already exist in Indonesia. Legal protection of EMR in Indonesia has not been implemented
proportionally even though the regulation on EMR has been stipulated clearly in the Minister of Health
Regulation No. 269/ 2008 concerning Medical Records and various relevant Laws on it. There are no
derivative laws related to EMR as mandated by the Minister of Health Regulation No. 269/2008 which
becomes an obstacle to the effective implementation of EMR. The existence of an EMR is Also very
susceptible to be abused by hackers. So, cyber security is needed for health workers, both individually and
institutionally to protect EMR. In conclusion, EMR has been regulated in Indonesian Laws, but it has not
been governed into derivative laws to be implemented a proportionally. Therefore, harmonization those laws
will narrow the gaps amongst them. Further norms and regulations regarding EMR are needed to create
cybersecurity which is potential to be hacked.